North Korea's ruling elite has boosted their operational security procedures and migrated away from Western social media, according to a report from Recorded Future.
Some 35 percent of developers receive no formalised training on secure coding practices and many organisations bolt security on to the end of the development lifecycle from a team in another silo.
A new attack group - Orangeworm - targeting the healthcare sector and related industries has been spotted by security researchers from Symantec.
A Cisco security advisory is warning users of a vulnerability in the firm's WebEx Meetings and WebEx Meetings Server that could allow a remote attacker to execute arbitrary code on their system.
Unfortunately there is a lack of knowledge and governance in many businesses around Kubernetes which in turn has created gaps in their security, but there are 3 key ways that organisations can keep their Kubernetes clusters secure.
Botnet uses compromised systems to spread infection. Security researchers have discovered a large botnet that is using a severe flaw in the Drupal CMS in order to infect other systems.
Security researchers observed a noticeable spurt in the activities of advanced persistent threat (APT) groups based in certain parts of Asia and in the Middle East during the first three months of the year.
Intel Monday announced three new measures that will be implemented in a future chip designed to bake security into the hardware following last year's Spectre/Meltdown vulnerability.
For the second year in a row, the financial services industry tops the charts as the most targeted industry with the highest volume of security incidents and the third highest volume of cyber-attacks.
By now it's clear most corporate people understand that the security posture of business partners and third parties has become a top priority.
Juniper Networks released more than a dozen security updates to patch a wide range of issues including two denial-of-service vulnerabilities and one for remote code execution.
Many enterprises are embracing Open source software (OSS) at a fast pace, but do such software solutions match up against enterprises' internal applications when it comes to security, robustness, maintainability, and efficiency?
If your company doesn't have the internal resources and IT expertise to ensure IT systems are secure and up-to-date then you have the option of outsourcing IT at a reasonable price to a managed services provider.
An audit of 1,000 open-source serverless applications carried out by serverless security company PureSec has revealed that 21 percent of such applications feature critical security vulnerabilities that can be exploited.
US Homeland Security warned Russian state actors behind attacks on US energy grid. Security researchers have warned that hackers are using badly-configured Cisco switches to gain entry into the infrastructure of organisations.
When engineers work on a new invention, they focus on "getting it to work". This imperative precedes the need to "make it safe".
Malware impersonates Kaspersky antivirus. Security researchers have found malware that steals credentials while pretending to be anti-virus software from Kaspersky.
Apple addressed a bevy of security bugs late last week, after issuing updated versions of its current operating systems, Safari browser and several core apps, as well as security enhancements for two older OS offerings.
While experts have warned about the perils of connecting to unsecured public Wi-Fi hotspots in the past, new research has revealed that organisations are suffering more from security issues than in the past.
Security flaws in Grindr can expose the personal information and location of its three million or so users.
Use the lessons learned from past attacks, ensure security is a high priority in the organisation and train staff appropriately, plus source solutions that are both reputable, transparent and independently audited.
Security researchers have discovered a new form of cryptocurrency miner that uses fileless malware to install itself on systems. The malware also removes other miners.
The problem with placing your organisation's digital crown jewels in the public cloud is that you must rely on the CSP's own security controls to identify and stop attackers.
Drupal is calling its users to be on standby for the announcement of a highly critical release on 28 March that will address issues in Drupal 7 and 8.
The fact is that 'shoulder-surfing' or 'visual hacking' is a threat to organisational data that is just as serious as any other, and not one to be ignored.
Malware active in South Korea, redirects calls to scammers. Security researchers have discovered a new variant of the Fakebank malware.
A product made by Cellebrite competitor GrayKey is raising security concerns over a standalone device capable of unlocking iPhones.
OceanLotus hits targets in Southeast Asia, while PlugX malware steals pharmaceutical data. APT groups are targeting high-profile corporate and government targets in Southeast Asia, security researchers have discovered.
Researchers at CTS Labs are accusing computer chip manufacturer Advanced Micro Devices (AMD) of disregarding "fundamental security principles" and overlooking "poor security practices and insufficient quality controls."
Security researchers have uncovered how deep packet inspection middleboxes are being used either to expose Turkish nationals to nation-state spyware or to redirect Egyptian Internet users to ads and browser cryptocurrency.